Just another ToorCon Network site

Menu

Being one of the few devs with an interest in security, I have seen quite a few rants on what developers need to learn from the infosec profession. Yet most of these talks are given at security conferences. Out of the few dev conferences, I can count the number of security talks on one hand, and even then it ended up being a walkthrough of the top 10 OWASP vulnerabilities website. This has got to change, and hope to shed some insight or a few WTF moments.

As SoC price continue to drop and their implementation continues to rise, embedded “appliances” will be become an attractive avenue for cyber criminals. Due to the fact they provide no traditional feedback (monitor) or input (mouse/keyboard) If one were able to compromise an embedded host it would be the perfect vantage point for a MITM attack or a beachhead to launch other attacks. I plan to guide you through some of the steps from initial reconnaissance to building binaries for different architectures. Then end goal being to take over the host without breaking designed functionality (stealthy), being able to run third party binaries at start (lethal), and surviving basic removal techniques (persistent) aka weaponizing. As part of this walkthrough I will be guiding you through the exploitation of the Belkin WeMo light switch appliance.

Daniel Buentello
I majored in computer science and became a network engineer. I found passion in security and like to perform research in my spare time.

As Microsoft SQL Server has progressed, the security features and facilities have greatly matured. Unfortunately, the functionality of the service has also gone to great lengths to facilitate the programmability of the service by administrators and operators. This talk demonstrates how to use the latest version of SQL server and the default functionality of both SQL and Windows, to create, install, and hide a SQL service rootkit – all in 20 minutes.

whitey
Career pen-tester with a talent for breaking SQL – still hates being called, “The SQL guy.”

this is my 1st android (jelly bean) with my first app install i was appalled at all the access to my phone’s data that it wanted, nothing for free, eh? so, can you sanbox android apps even if they think they need access to my SIM, contacts, data on miniSD card, WFT. had to take control of my own device and this is how i did it

….experience flashing the ROM with custom kernel & getting rid of samsung+ATT bloatware on a new phone.

also included is backing up original device/ROM so i can restore it when needed/necessary

how to change the MAC address on it. setting up a VPN tunnel and a TOR APP. how to secure android in general

bsb
steven is an artist/computer wizard who loves computer security, keeping things secret, and freely using any device/os in any manner desired

The US National Security Agency has been public about the inevitability of mobile computing and the need to support cloud-based service use for secret projects. General Alexander, head of the NSA, recently spoke of using smartphones as ID cards on classified networks.

And yet, mobile devices have a poor security track record, both as data repositories and as sources of trustworthy identity information. Cloud services are no better: current security features are oriented toward compliance and not toward real protection.

What if we could provide a strong link between mobile device identity, integrity, and the lifecycle of data retrieved from the cloud using only the hardware shipped with modern smartphones and tablets?

The good news is that we can do that with the trusted execution environment (TEE) features of the common system on a chip (SOC) mobile processor architectures using “measurement-bound” encryption. This talk will describe how data can be encrypted to a specific device, how decryption is no longer possible when the device is compromised, and where the weaknesses are. I will demonstrate measurement-bound encryption in action. I will also announce the release of an open-source tool that implements it as well as a paper that describes the techniques for time-bound keys.

This is likely the very same way that NSA will be protecting the smartphones that will be used for classified information retrieval. Come learn how your government plans to keep its own secrets and how you can protect yours.

Dan Griffin
Dan is the founder of JW Secure and is a Microsoft Enterprise Security MVP. Dan is the author of the books Cloud Security and Control, published in 2012, and The Four Pillars of Endpoint Security, to be published in 2013, and is a frequent conference speaker. Dan holds a Master’s degree in Computer Science from the University of Washington and a Bachelor’s degree in Computer Science from Indiana University.

Real life experiences handling an active attack and cleaning up after a breach. This will delve into the book taught theory and the reality of how things should be done when being actively attacked.

mattrix
Matthew Hoy – mattrix has worked in the Information Security world for over 11 years in various Information Security roles from Security Analyst, Architect, Incident Response, Consultant and Management. Matt currently holds CISSP and SANS GCIH Certifications.

Most attendees would probably recognize mattrix better in a staff shirt of some kind for either Toorcon or a red shirt at Defcon.

Matt’s hobbies include Off-roading, shooting sports, fishing, hunting and technology when he has time.

Some data is too sensitive or volatile to store on systems you own. What if we could store it somewhere else without compromising the security or availability of the data, while leveraging intended functionality to do so? This presentation will cover the methodology and tools required to create a distributed file store built on top of a JavaScript botnet. This type of data storage offers redundancy, encryption, and plausible deniability, but still allows you to store a virtually unlimited amount of data in any type of file. They can seize your server — but the data’s not there!

Sean Malone
Sean Malone has been building and breaking networks and applications for the last 12 years, and he has a diverse practical and academic background in information technology and security. As a Principal Consultant and the primary engagement manager for FusionX, Sean provides clients across all verticals with sophisticated adversary simulation assessments and strategic security guidance. Sean is a key member of the FusionX internal research and development team, and his custom security assessment utilities are used in a majority of FusionX engagements.

Some geek friends of mine got married this past winter and were putting on an 8-bit themed wedding. They didn’t want to have the wedding favor be a stupid hand tied bag of Jordan almonds or a small box of chocolate truffles. They wanted a cool little electronic toy that people could play with and take home with them after the wedding was over. This talk will detail how we got this project done from concept to short production run (50 units) in 60 days and under budget at less than $5 per piece.

ducksauz
ducksauz has been doing information security for over 15 years but since most of what he does at work is pretty intangible, he does hardware hacking projects for fun. Back on the East coast he founded DC401 and QuahogCon. Now that he’s here in Seattle, he’s on the board of Black Lodge Research, where he can be found on a semi-regular basis.